Re: RFC: Securing maintainer uploads to master.gnome.org

From: Alan Cox <alan lxorguk ukuu org uk>
To: Ray Strode <halfline gmail com>
Cc: desktop-devel-list gnome org
Subject: Re: RFC: Securing maintainer uploads to master.gnome.org
Date: Fri, 11 Nov 2011 08:22:41 +0000

> In fact, I think the lack of fine grained ACLs for this sort of thing
> is one part of GNOME that work better than projects that try to lock
> things down more aggressively.

Locking stuff down means reducing the attack surface (eg getting rid of
shell accounts) and who can write stuff to trusted repositories. It
doesn't mean contorting the release process. You just need to have the
signing policy right. Giving everyone read access isn't a big deal, its
write access that causes the problem - either to modify repositories or
to put up fake releases. The latter can to a fair extent be handled by
enforcing the upload be of a signed file with an appropriate signature
for the destination.

Alan

Follow-Ups:
- Re: RFC: Securing maintainer uploads to master.gnome.org
  - From: Ray Strode

References:
- RFC: Securing maintainer uploads to master.gnome.org
  - From: Olav Vitters
- Re: RFC: Securing maintainer uploads to master.gnome.org
  - From: Ray Strode

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]